The US Securities and Exchange Commission (SEC) faced a security challenge earlier this year after its X (formerly Twitter) account was hacked in an alleged attempt to manipulate the Bitcoin market.
The incident has led to the arrest of Eric Council Jr., an Alabama man who now faces up to five years in prison for conspiracy to commit access device fraud and aggravated identity theft.
The 25-year-old’s alleged scheme artificially manipulated the Bitcoin market by temporarily pumping up the cryptocurrency’s price.
According to the US Department of Justice (DoJ), Council Jr. was helped by several unnamed accomplices in the campaign that compromised the SEC’s official X account. Once they breached the account, the perpetrators posted a fraudulent message claiming the regulator had approved Bitcoin exchange-traded funds (ETFs).
The message, falsely attributed to SEC chair Gary Gensler, triggered a surge in Bitcoin’s market value, spiking its price by over $1,000 in minutes.
However, the surge didn’t last long; once the SEC regained control of its account and rectified the situation, the crypto token’s price plummeted by more than $2,000.
In this scenario, Council Jr. and his co-conspirators allegedly leveraged SIM-swapping techniques to breach the SEC’s X account. Threat actors frequently employ this tactic to seize control of phone numbers and intercept SMS-based two-factor authentication (2FA) codes.
In SIM-swapping attacks, perpetrators typically persuade telecom service providers to transfer a victim’s phone number to an attacker-controlled SIM card. Once in control, they can bypass SMS-based security measures and reset account passwords.
Council Jr. and his accomplices allegedly used forged identity documents to impersonate an individual with access to the SEC’s X account.
“The defendant allegedly deceived the public by impersonating the victim and making fraudulent statements on behalf of the SEC,” according to Assistant Director Chad Yarbrough of the FBI Criminal Investigative Division. “The FBI and our partners will continue to investigate and hold accountable those who attempt to manipulate financial markets for their own gain.”
In an almost absurd turn of events, the suspect, in a last-ditch effort to cover his tracks, asked Google for advice on how to find out if the FBI was on his trail. According to a DoJ press release, his queries included:
tags
Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.
View all postsNovember 14, 2024
September 06, 2024